TFTM 01-02 TFTM Committee working call to discuss how to describe the “IDESG-Acknowledged Identity Ecosystem” in its interim or long term state. 2013 October.

Slides:

Advertisements

Similar presentations

Internal Control in a Financial Statement Audit

Advertisements

© fedict All rights reserved Legal aspects Belgian electronic identity card Samoera Jacobs – November 2008.

Parma, 21st November 2003Minerva European Conference : Quality for cultural Web sites Quality Framework and Guidelines for Cultural Web Sites Isabelle.

1 Regulation. 2 Organisational separation 3 Functional Separation.

International Organization

The Implementation Structure DG AGRI, October 2005

© ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Seminar on Standardization and ICT Development for the Information.

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.

COBIT® 5 for Assurance Introduction

© State Services Commission, 2006 Authentication to access government services What might the future hold? Laurence Millar Deputy Commissioner Information.

The Role of Governments Caribbean Telecommunications Union Ministerial Seminar May 29, 2012 Heather Dryden Chair - Governmental Advisory Committee, ICANN.

Environmental Management Systems Refresher

1 The Challenges of Creating an Identity Management Infrastructure for the University of California David Walker Karl Heins Office of the President University.

Introduction to Entrepreneurship and New Venture Creation Rui Baptista

® NSTIC’s Effects on Privacy The Need to Balance Identity and Privacy- Protection with Market Forces in the National Strategy for Trusted Identities in.

TFTM Interim Trust Mark/Listing Approach Paper Discussion Deck TFTM Committee IDESG Plenary Meeting January 14, IDESG TFTM Committee1.

Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.

Chapter 3 Health Care Information Systems: A Practical Approach for Health Care Management 2nd Edition Wager ~ Lee ~ Glaser.

Identity Federation Rules and Process Linda Elliott President, PingID Network Electronic Authentication Partnership Washington, DC February 12, 2004.

IDESG Goals & Work-plans for 2013 and beyond Brett McDowell IDESG Management Council Chair

Auditing Concepts.

Functional component terminology - thoughts C. Tilton.

TFTM Sub-Committee What do we need for the IDESG Trust Mark Program Discussion Deck TFTM Committee April 16, IDESG TFTM Committee1.

Proposed Workflow IDESG Self-Assessment and Attestation Program For TFP’s Discussion Deck TFTM Committee 09/23/

Framework Planning Draft 1 Jack Suess Ian Glazer Peter Alterman Andrew Hughes Michael Garcia.

Cross Sector Digital Identity Initiative March 12, 2014 Hearing on the National Strategy for Trusted Identities in Cyberspace (NSTIC) Cross Sector Digital.

Connecting People With Information DoD Net-Centric Services Strategy Frank Petroski October 31, 2006.

Ken Laskey, co-editor 5th SOA for E-Government Conference 1 May 2008

ITIS 3200: Introduction to Information Security and Privacy Dr. Weichao Wang.

Use Case Development Scott Shorter, Electrosoft Services January/February 2013.

Identity Management What is it? Why? Responsibilities? Bill Weems Academic Computing University of Texas Health Science Center at Houston.

Identity Relationship Management The Next Evolution of Identity and Access Management for the Internet of Everything.

Functional Model Workstream 1: Functional Element Development.

NSTIC ID Ecosystem A Conceptual Model v03 Andrew Hughes October October IDESG Version 1.

Identifying the Baseline IDESG Security Committee Discussion 10/23/

TFTM Interim Trust Mark/Listing Approach Paper Accreditation, Certification, and Trust Mark Program Key Administrative and Operational Responsibilities.

Requirements Development & Template Presentation to All Chairs 8/12/2014.

HIT Policy Committee Nationwide Health Information Network Governance Workgroup Recommendations Accepted by the HITPC on 12/13/10 Nationwide Health Information.

InCommon Assurance Discussion on NSTIC Acitivities Jack Suess April 10, IDESG TFTM Committee1.

Internal Control in a Financial Statement Audit

TFTM Interim Trust Mark/Listing Approach Paper Analysis of Current Industry Trustmark Programs and GTRI PILOT Approach Discussion Deck TFTM Committee.

A DESCRIPTION OF CONCEPTS AND PLANS MAY 14, 2014 A. HUGHES FOR TFTM The Identity Ecosystem DISCUSSION DRAFT 1.

Internal Control in a Financial Statement Audit

TFTM TFTM Committee working call to discuss how to describe the “IDESG-Acknowledged Identity Ecosystem” in its interim or long term state November.

TFTM Deliverable Self Assessment and Attestation Program Discussion Deck TFTM Committee June 25, IDESG TFTM Committee1.

Elements of Trust Framework for Cyber Identity & Access Services CYBER TRUST FRAMEWORK Service Agreement Trust Framework Provider Identity Providers Credential.

1 EAP and EAI Alignment: FiXs Pilot Project December 14, 2005 David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide Policy.

Identity Ecosystem Framework and Charter Gap Analysis.

Garry Compton Manager Government Authentication ANTA Workshop 05/08/03 Canberra, Australia An update on Commonwealth Authentication.

HIT Policy Committee NHIN Workgroup Recommendations Phase 2 David Lansky, Chair Pacific Business Group on Health Danny Weitzner, Co-Chair Department of.

Cloud Computing, Policy Management and Standardization Europe Identity Conference 2011 John Sabo, Director Global Government Relations, CA Technologies.

McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved. 6-1 Chapter 6 CHAPTER 6 INTERNAL CONTROL IN A FINANCIAL STATEMENT AUDIT.

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 6-1 Chapter Six Internal Control in a Financial Statement Audit.

Systems Accreditation Berkeley County School District School Facilitator Training October 7, 2014 Dr. Rodney Thompson Superintendent.

Scalable Trust Community Framework STCF (01/07/2013)

HIT Policy Committee NHIN Workgroup HIE Trust Framework: HIE Trust Framework: Essential Components for Trust April 21, 2010 David Lansky, Chair Farzad.

HIT Policy Committee Meeting Nationwide Health Information Network Governance June 25, 2010 Mary Jo Deering, PhD ONC, Office of Policy and Planning NHIN.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

SEC’S REGULATION CROWDFUNDING: Overview of the Final Regulations.

Information Resource Stewardship A suggested approach for managing the critical information assets of the organization.

The Value of Creating the Identity Ecosystem. The Identity Ecosystem Steering Group (IDESG) is the source of expertise, guidance, best practices and tools.

Progress Report on the U.S. NSTIC Efforts Jack Suess – Delegate for Research, Development, Education & Innovation

Chapter 6 Internal Control in a Financial Statement Audit McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.

Auditing Concepts.

Overview nate-trust.org Who (describe your organization)

What Is ISO ISO 27001, titled "Information Security Management - Specification With Guidance for Use", is the replacement for BS It is intended.

DATA VERTICAL Technical Exchange

Higher Education’s Role in the Identity Ecosystem

Chapter 27 Security Engineering

Jeremy Grant Coordinator Better Identity Coalition

Presentation transcript:

TFTM TFTM Committee working call to discuss how to describe the “IDESG-Acknowledged Identity Ecosystem” in its interim or long term state October IDESG TFTM Committee 1

Contents of this deck The Value of establishing an IDESG-Acknowledged ID Ecosystem (interim or long-term) Discussion of the nature of “Interim” versus “Longer term” Some possible descriptions of the IDESG- Acknowledged ID Ecosystem * These slides should be modified as needed to circle in on the description of “What” we are working to establish IDESG TFTM Committee 2

Some assumptions There will be an IDESG-Acknowledged ID Ecosystem Participation will grow over time Structures will evolve and requirements will become better-defined over time Adherence to the NSTIC Guiding Principles is mandatory The NSTIC Derived Requirements might be used as a mechanism to demonstrate adherence to the principles IDESG TFTM Committee 3

The NSTIC ID Ecosystem* will consist of different online communities that use interoperable technology, processes, and policies *Source: The NSTIC Strategy Document * The term “online communities”, while not perfect, should be used until IDESG determines the best replacement term and creates an IDESG Vision statement IDESG TFTM Committee 4

ID Ecosystem? ID Ecosystem Framework Rules Arrows = Inter-community interactions Online Communities IDESG TFTM Committee 5

Rationale and Value IDESG TFTM Committee 6

The rationale for The rationale for establishing an IDESG- Acknowledged ID Ecosystem (interim of long-term) is: The same as establishing any Standards-based program To acknowledge the ‘good actors’ in the general ID Ecosystem To influence service providers to use sound practices To signal to service consumers that there are minimum acceptable standards of operation IDESG TFTM Committee 7

The value in participating To enable identity solution and ‘online community’ participants to be recognized as being or strive to become recognized as participating in the IDESG-acknowledged ID Ecosystem For the cross-endorsement of participants to instill trusted brand power and the beginnings of a network effect for identity solution trust brands i.e. The companies would not identify with it if it brings their brand into disrepute To assure consumers/citizens/individuals that certain standards have been met and policies & practices are in place To act as a finding aid for identity services consumers to locate ‘trustworthy’ service providers To enable participants to promote participation as a service differentiator IDESG TFTM Committee 8

What is “Interim” IDESG TFTM Committee 9

The sense of “Interim” An initial group (as identified by IDESG) of ‘online communities’ which demonstrate that they meet the basic requirements of the Interim stage E.g. have been certified and accredited by an IDESG-vetted accreditation body E.g. self-assert that they satisfy the NSTIC Derived Requirements A period of time prior to a ‘big bang’ go-live of an IDESG-acknowledged ID Ecosystem in which potential participants can prepare for and receive accreditation A period during which any identity solutions can self-assert participation and satisfy requirements A Transition period would be required to formally verify the validity of these claims IDESG TFTM Committee 10

IDESG-Acknowledged Interim Ecosystem: Described IDESG TFTM Committee 11

What is the Interim thing? Consists of a few or several ‘Online Communities’ that are well-defined, well-governed, in operation, appear to be stable, satisfy the NSTIC Derived Requirements and have a positive track record of privacy and security management IDESG TFTM Committee 12

These ‘Online Communities’: Have community-defined, documented and enforced: Interoperability Standards; Shared risk model; Privacy policy, requirements and accountability mechanisms; Liability policy and requirements Have community-defined, documented and enforced: Policy, standards and processes that govern the activities of community members Can demonstrate that they satisfy all of the NSTIC Derived Requirements Can describe the types of community-member interactions or transactions that rely on identity- or attribute-related services Can demonstrate a track record of consistent application of the Community Rules; and the ability to detect, respond to and repair security and privacy breaches Have policies and processes for adding new members and revoking membership in the Community Have documented processes for handling interactions with entities that are not community members Have a business model that appears to support the activities of the Community IDESG TFTM Committee 13